Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

wordpress wordpress 1.4 vulnerabilities and exploits

(subscribe to this query)

7.5
CVSSv2
CVE-2008-4732
SQL injection vulnerability in ajax_comments.php in the WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to execute arbitrary SQL commands via the p parameter....
Pressography Wp Comment Remix PluginPressography Wp Comment Remix Plugin 1.4
7.5
CVSSv2
CVE-2008-4734
Cross-site request forgery (CSRF) vulnerability in the wpcr_do_options_page function in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to perform unauthorized actions as administrators via a request that sets the wpcr_hidden_form_input parameter....
Pressography Wp Comment Remix PluginPressography Wp Comment Remix Plugin 1.4
4.3
CVSSv2
CVE-2008-4733
Cross-site scripting (XSS) vulnerability in wpcommentremix.php in WP Comment Remix plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the (1) replytotext, (2) quotetext, (3) originallypostedby, (4) sep, (5) maxtags, (6) tagsep,...
Pressography Wp Comment Remix Plugin 1.4Pressography Wp Comment Remix Plugin
4.3
CVSSv2
CVE-2012-1835
Multiple cross-site scripting (XSS) vulnerabilities in the All-in-One Event Calendar plugin 1.4 and 1.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to app/view/agenda-widget-form.php; (2) args, (3) title, (4)...
Timely All-in-one Event Calendar 1.5Timely All-in-one Event Calendar 1.4
4.3
CVSSv2
CVE-2011-3865
Cross-site scripting (XSS) vulnerability in the Black-LetterHead theme before 1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php....
Ulyssesonline Black-letterheadUlyssesonline Black-letterhead 1.4Ulyssesonline Black-letterhead 1.3Ulyssesonline Black-letterhead 1.2Ulyssesonline Black-letterhead 1.1
4.3
CVSSv2
CVE-2011-3857
Cross-site scripting (XSS) vulnerability in the Antisnews theme before 1.10 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter....
Antisocialmediallc Antisnews 1.0Antisocialmediallc Antisnews 1.1Antisocialmediallc Antisnews 1.2Antisocialmediallc Antisnews 1.3Antisocialmediallc Antisnews 1.4Antisocialmediallc AntisnewsAntisocialmediallc Antisnews 1.5Antisocialmediallc Antisnews 1.7Antisocialmediallc Antisnews 1.8Antisocialmediallc Antisnews 1.6
4.3
CVSSv2
CVE-2011-3864
Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter....
Somadesign The Erudite 1.4Somadesign The Erudite 2.0Somadesign The Erudite 2.7.1Somadesign The Erudite 2.7.4Somadesign The Erudite 1.0Somadesign The Erudite 1.1Somadesign The Erudite 1.2Somadesign The Erudite 2.7.7Somadesign The EruditeSomadesign The Erudite 2.5Somadesign The Erudite 2.6Somadesign The Erudite 2.6.1Somadesign The Erudite 2.6.2Somadesign The Erudite 1.3Somadesign The Erudite 1.4.1Somadesign The Erudite 2.0.2Somadesign The Erudite 2.7Somadesign The Erudite 2.7.2
4.3
CVSSv2
CVE-2011-3860
Cross-site scripting (XSS) vulnerability in the Cover WP theme before 1.6.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter....
Onedesigns Cover WpOnedesigns Cover Wp 1.6Onedesigns Cover Wp 1.6.1Onedesigns Cover Wp 1.5.4Onedesigns Cover Wp 1.5.5Onedesigns Cover Wp 1.3Onedesigns Cover Wp 1.4Onedesigns Cover Wp 1.5Onedesigns Cover Wp 1.5.1Onedesigns Cover Wp 1.5.8Onedesigns Cover Wp 1.6.2Onedesigns Cover Wp 1.1Onedesigns Cover Wp 1.2Onedesigns Cover Wp 1.6.3Onedesigns Cover Wp 1.6.4Onedesigns Cover Wp 1.5.6Onedesigns Cover Wp 1.5.7Onedesigns Cover Wp 1.4.1Onedesigns Cover Wp 1.5.9Onedesigns Cover Wp 1.5.2Onedesigns Cover Wp 1.5.3
7.5
CVSSv2
CVE-2015-3313
SQL injection vulnerability in WordPress Community Events plugin before 1.4....
6.8
CVSSv2
CVE-2012-5387
Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin before 1.5.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify the developer name via the wlcms_o_developer_name...
Videousermanuals White-label-cms 1.4.1Videousermanuals White-label-cms 1.4Videousermanuals White-label-cms 1.0.2Videousermanuals White-label-cms 1.4.3Videousermanuals White-label-cms 1.4.2Videousermanuals White-label-cms 1.0.4Videousermanuals White-label-cms 1.0.3Videousermanuals White-label-cmsVideousermanuals White-label-cms 1.4.7Videousermanuals White-label-cms 1.3Videousermanuals White-label-cms 1.2Videousermanuals White-label-cms 1.4.6Videousermanuals White-label-cms 1.4.5Videousermanuals White-label-cms 1.4.4Videousermanuals White-label-cms 1.1Videousermanuals White-label-cms 1.0.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-27833firewallmalicious code‎CVE-2021-28482file uploadCVE-2021-1079CVE-2021-29606CVE-2021-29596CVE-2021-32054
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook